Security interview: What if a motivated attacker targets your company?



Image (GraphicStock) - Security signpost


Continuing Computerworld Malaysia's security roundup, suggested by issues included in this year's Security Summit in KL, I reached out to Kane Lightowler, APJ managing director for Carbon Black.
Kane's responses help build a broader picture of the current local security landscape, in the spirit of the Look Ahead to 2017 special (What's really in store for Malaysia's IT industry in 2017). During the rapid-fire interview, he drills down to asking business and technology leaders about their security preparedness.
Formerly known as Bit9, US-headquartered Carbon Black, which was established in 2002, operates in endpoint security software systems.


Photo - Kane Lightowler, Asia Pacific & Japan Managing Director for Carbon Black.

Let's start with a roundup of some of your security predictions for general industry in 2017.

[KL] One of the biggest security issues we'll see in 2017 is the global emergence and continued growth of non-malware attacks.
Non-malware attacks are capable of gaining control of computers without downloading any files. Instead, they leverage trusted, native operating system tools such as PowerShell or exploit running applications (such as web browsers and Office applications) to conduct their malicious behaviour.
A big problem in security is that traditional antivirus is purely focused on stopping malicious files. As a result, non-malware attacks are succeeding at an alarming rate at too many organizations. Attackers are evolving their attacks and many organizations are using outdated defences in legacy antivirus. That's a major problem and why we are seeing so many breaches in the news.

What other positives and negatives do you see in the current operating environment that should inform business security planning?

[KL] If there's anything good to come out of the slew of cyberattacks we are seeing on a global scale, it is that cybersecurity is in the spotlight.
As a result, we'll hopefully see some forward-thinking leaders make a concerted effort to prioritise defence against advanced cyberattacks.
The good news is that many organisations see this problem and are allocating adequate budget.
The bad news is that too many organisations are under-educated when it comes to defending against advanced cyberattacks and simply 'checking the box' by implementing the bare minimum cybersecurity.
Others continue to attempt to solve the same problems, such as ransomware, with the same ineffective technology, such as traditional antivirus. This is a recipe for a major recovery bill down the road when the inevitable attack does occur.

One question I am posing to many leaders this year is: Security adoption has been touted as a strategic business driver/enabler. What's your take on this?

[KL] My take is: Security adoption should be a critical driver for modern businesses. Too much valuable customer information and intellectual property resides on an organisation's endpoints and servers for cybersecurity to be an afterthought.

Cybersecurity can no longer be a 'nice-to-have' component to business sustainability. Strategic cybersecurity planning should permeate every level of an organization and educating employees on cyber risks is critical to establishing and maintaining good security hygiene.

Last question: What should business leaders and IT professionals have in place right now?

[KL] Business leaders and IT professionals should take inventory of their cybersecurity defences and ask themselves a simple question: "If we were targeted by a motivated attacker today, am I 100 percent confident that we would be able to see and stop the attack?"

If leaders can't confidently say 'yes' to that question, they should re-evaluate their approach to security. Traditional antivirus, the de facto standard for many businesses, is failing. Increasingly, we are seeing businesses replace their legacy AV solutions with next-generation antivirus, capable of preventing, detecting and responding to all forms of cyberattacks, even those that do not rely on malware.
